Was Your WordPress Website Hacked?

Nothing is worse than a customer searching for your website, in a Google search and then seeing the dreaded words in the search results:

“This website may have been hacked”

If that’s the case then you had better start looking carefully at your website. In this post, we’re concentrating on WordPress websites. Although WordPress is the most popular content management system in the world (making it a prime target for hackers), the problem is equally an issue for Joomla, Drupal, ModX and other such CMS websites. They are all targets.

The main issue stems from improper care and feeding of your website. In the days when “webmasters” ruled the land, only people with the knowledge to code and maintain websites had to deal with these issues. When you have someone properly qualified to maintain your website on a daily basis, it’s like having a security guard at the door.

However in this day and age the security guard at the door may be someone assigned to light web content management tasks and Facebook posts, etc., rather than a trained professional web expert. In fact, the hackers are thrilled and have a much easier job of hacking a website, when there is “no one watching the gates” of these do-it-yourself website systems.

Facebook has a team of technical experts monitoring their website every minute of every day. The average US business with a WordPress website, maintained in-house, could have little to no security measures in place whatsoever.

That’s a pretty shocking and sobering fact. It also explains why hacking attempts are increasing and larger than ever before. Basically, the guard is asleep at the door, or worse yet, doesn’t even know there is a door!

Image by Sucuri

According to Sucuri:

Our analysis shows that SEO spam continues to be a go-to for attackers, with a 6% increase over Q1. In total, 38% of sites had some form of SEO spam injection. Backdoors continue to be one of the many post-hack actions attackers take, with 71% of the infected sites having some form of backdoor injection.

What is the solution?

First, there is nothing wrong with novices managing their own websites, uploading photos and writing blog posts. Web copywriters, graphic designers and bloggers all do fantastic work with producing and maintaining web content. They should continue to do so but the first line of defense is strong passwords. The 8 digit password is now easily deciphered and people are still using such easy to guess passwords as their name, “password123” and things like that. It’s a blatant way of inviting trouble. Change ALL your web passwords to strong passwords. There are even tools to help you do this.

The first step is prevention. How to protect your WordPress website:

Promptly update all of your WordPress core and theme applications whenever you get a notice. Didn’t get an email notice? But before you do that, backup the entire website and database files.

Update all plug-ins and delete plug-ins that are not activate or used. If you’re not using a plug-in, deactivate and delete it. The reason that plug-ins are updated might be to security breaches, so the update may contain a critical patch.

Make sure to use a security plug-in such as Wordfence or Sucuri (free or paid version). Activate it and take time to learn how to configure it. Make sure to set an email address so that Wordfence can send you security alerts.

Many of our clients hire us for an hour each month to go in and take care of all of the above tasks. It’s a lot like getting an oil change done on your car. If you do it on a regular basis, you seldom have any problems at all.

The first thing you can do if you have access to your WordPress dashboard is run a scan with Wordfence or Sucuri, or whatever program you have installed. If your website has been hacked, there are a number of web tools you can run to pinpoint the infection. Note that I have ran Wordfence scans which still did not pickup malware infections, so nothing is perfect. This is why it’s most important to install safeguards and monitor the website in the first place.

Check your Users area for any signs of bogus users, obvious fake email addresses and other “user spam”. Delete them. Make sure that Users with full administrator access are still authorized to do so. If not, delete them.

There is also the possibility that you might be blacklisted by Google and others. Login and check your Google webmaster tools and follow the suggestions and procedures they recommend. Note that even after your website is cleaned up, it may take 10 days for Google to remove your site from their blacklist.

If worse comes to worse, you may have to purchase software to clean the infected website. Sucuri has done a great job of cleaning up badly infected websites for me in the past.

Image by Sucuri

Best way to fix a hacked WordPress website is to start with prevention.

You don’t need a huge budget or a full time web administrator. An hour or two each month is a small price to pay for a website that’s clean and safe for you and your customers or clients to use. If you have any questions, or would like to get started with an affordable website protection plan, please contact us and we’ll get you set up immediately.